CVE-2008-1287
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 generates different error messages depending on whether the username is valid or invalid, which allows remote attackers to enumerate usernames.
IBM Rational ClearQuest versiones 7.0.1.1.1 y 7.0.0.0.2, genera diferentes mensajes de error dependiendo de si el nombre de usuario es válido o no válido, lo que permite a los atacantes remotos enumerar los nombres de usuario.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-03-11 CVE Reserved
- 2008-03-11 CVE Published
- 2024-08-07 CVE Updated
- 2024-10-29 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-16: Configuration
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://www.securitytracker.com/id?1019566 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41042 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/29280 | 2017-08-08 | |
| http://www-1.ibm.com/support/docview.wss?uid=swg1PK55561 | 2017-08-08 | |
| http://www.securityfocus.com/bid/28132 | 2017-08-08 |
| URL | Date | SRC |
|---|---|---|
| http://www.vupen.com/english/advisories/2008/0804/references | 2017-08-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ibm Search vendor "Ibm" | Rational Clearquest Search vendor "Ibm" for product "Rational Clearquest" | 7.0.0.2 Search vendor "Ibm" for product "Rational Clearquest" and version "7.0.0.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Rational Clearquest Search vendor "Ibm" for product "Rational Clearquest" | 7.0.1.1 Search vendor "Ibm" for product "Rational Clearquest" and version "7.0.1.1" | - |
Affected
| ||||||